$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.mft File: lSamckeK-nVEXY0H3MV8BYlm7-I.mft (raw, json) Hash identifier: YEOpjmGa8LdWk676tVrCLerx2R0ZRG31AMhQeDad5W0= Subject key identifier: D8:5C:81:39:3C:D7:2A:C8:7A:74:E0:FF:0D:E8:36:76:59:85:60:D4 Authority key identifier: 95:26:A6:72:47:8A:FA:75:44:5D:8D:07:DC:C5:7C:05:89:66:EF:E2 Certificate issuer: /CN=A91FA1BE/serialNumber=9526A672478AFA75445D8D07DCC57C058966EFE2 Certificate serial: 022B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSamckeK-nVEXY0H3MV8BYlm7-I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.mft Manifest number: 0225 Signing time: Sat 31 May 2025 02:07:25 +0000 Manifest this update: Sat 31 May 2025 02:07:25 +0000 Manifest next update: Sat 07 Jun 2025 02:07:25 +0000 Files and hashes: 1: lSamckeK-nVEXY0H3MV8BYlm7-I.crl (hash: YQ3U0vDEPxzQg384PAYJEc6JCM3vAThbE2x/ZkWOLZw=) 2: 6F46908C2D3411ED92165562C4F9AE02.roa (hash: 4gZpKbAZ3PPZ8XY+4tRmnbJCoHSToqpiZD3Xw35DspI=) 3: 6E98B3182D3411ED92165562C4F9AE02.roa (hash: lDaMLlKkOnOEtKB4HQw14YL4MByHOHikQc7Dy/TLNpg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.crl rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSamckeK-nVEXY0H3MV8BYlm7-I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:07:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 555 (0x22b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA1BE, serialNumber=9526A672478AFA75445D8D07DCC57C058966EFE2 Validity Not Before: May 31 02:07:25 2025 GMT Not After : Jun 7 02:07:25 2025 GMT Subject: CN=683a645d-9a9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:ac:bc:4b:d6:fb:52:ae:44:13:f4:4e:91:13: d6:fe:ea:44:ac:11:f7:5b:a5:c5:84:2d:f2:23:8a: 97:7a:61:7a:d1:cf:f0:39:bb:5e:ae:ab:de:55:e5: a8:e5:59:39:57:29:db:7d:73:8c:38:80:6b:04:1a: 41:83:c1:e1:17:a0:bd:cf:a2:d1:f9:ee:34:f9:92: 8e:86:a5:50:5a:44:14:0f:28:5b:7f:ba:12:0b:a1: 38:ba:7d:4f:44:7f:65:e3:5a:9a:23:cd:ef:07:22: 1f:4d:b2:c4:8d:e9:2d:33:45:6a:9d:c1:bd:84:60: cd:d3:a5:75:11:41:53:5b:81:1c:bb:15:24:9a:e1: 88:eb:e4:9d:95:16:48:ea:22:0f:f9:32:dc:c2:7a: 38:ed:61:14:fd:76:63:9d:d3:c9:f5:70:c8:b0:d7: 1c:9e:03:23:be:79:96:5e:8e:75:45:8c:b4:7f:c0: 91:23:6e:06:67:2f:87:bb:f3:c4:65:d0:86:de:9d: 51:5b:7f:19:86:34:ba:94:fd:d2:b4:d6:9c:2c:79: 0b:12:3d:b2:b9:0e:6a:cd:97:55:d6:71:b8:0b:fd: 27:03:80:b6:1b:84:7d:c4:46:6c:25:64:85:73:2a: cc:95:3a:12:c9:a4:19:b8:be:dd:49:04:73:ee:eb: 1d:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:5C:81:39:3C:D7:2A:C8:7A:74:E0:FF:0D:E8:36:76:59:85:60:D4 X509v3 Authority Key Identifier: keyid:95:26:A6:72:47:8A:FA:75:44:5D:8D:07:DC:C5:7C:05:89:66:EF:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSamckeK-nVEXY0H3MV8BYlm7-I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA1BE/4168FF762D3211ED92B8B761C4F9AE02/lSamckeK-nVEXY0H3MV8BYlm7-I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:4e:5d:02:b7:31:69:cf:6a:12:16:84:4d:e3:87:74:8d:26: f3:65:bd:41:7c:aa:e2:f2:00:33:c1:39:53:dd:ef:66:2c:cd: 8a:28:19:88:ae:74:c6:40:a9:fd:35:e3:fa:01:42:80:63:db: 56:09:c2:2f:28:94:49:73:ce:3c:84:7d:37:bc:a9:ee:68:d8: 1b:17:bd:64:a9:89:e2:5f:1a:b1:f2:1b:cf:bf:d5:88:a3:98: 21:ad:c3:bb:2b:d7:72:1a:d9:58:85:0d:f2:f4:c9:ff:ee:8d: 8e:e0:fe:61:3b:1b:91:c6:6a:e5:86:1a:c4:c1:20:8d:c7:ae: f3:6f:0c:53:48:f4:f4:5c:0b:44:fe:88:c4:10:cf:3e:7b:c9: 18:16:ca:21:24:64:db:0e:42:b4:60:94:00:e1:e6:1c:0a:d6: 30:a2:a7:18:dd:35:5d:93:b5:2b:2e:43:f3:3b:0b:68:81:57: de:75:8d:28:6c:b0:18:b4:05:eb:9b:b3:ca:bd:67:7c:40:b2: d2:b4:6c:5e:46:66:84:f8:2e:f1:4a:ac:03:d2:fb:40:37:88: ea:f2:1a:e7:38:db:04:6e:05:1a:93:08:a2:a3:7e:4e:dc:cd: 5f:d0:48:71:82:f7:47:93:84:4e:68:24:54:8b:8c:94:77:e1: 00:3e:ba:7e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkExQkUxMTAvBgNVBAUTKDk1MjZBNjcyNDc4QUZBNzU0NDVEOEQwN0RDQzU3QzA1 ODk2NkVGRTIwHhcNMjUwNTMxMDIwNzI1WhcNMjUwNjA3MDIwNzI1WjAYMRYwFAYD VQQDEw02ODNhNjQ1ZC05YTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv6y8S9b7Uq5EE/ROkRPW/upErBH3W6XFhC3yI4qXemF60c/wObterqveVeWo 5Vk5VynbfXOMOIBrBBpBg8HhF6C9z6LR+e40+ZKOhqVQWkQUDyhbf7oSC6E4un1P RH9l41qaI83vByIfTbLEjektM0VqncG9hGDN06V1EUFTW4EcuxUkmuGI6+SdlRZI 6iIP+TLcwno47WEU/XZjndPJ9XDIsNccngMjvnmWXo51RYy0f8CRI24GZy+Hu/PE ZdCG3p1RW38ZhjS6lP3StNacLHkLEj2yuQ5qzZdV1nG4C/0nA4C2G4R9xEZsJWSF cyrMlToSyaQZuL7dSQRz7usdmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNhcgTk8 1yrIenTg/w3oNnZZhWDUMB8GA1UdIwQYMBaAFJUmpnJHivp1RF2NB9zFfAWJZu/i MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTFCRS80MTY4RkY3NjJE MzIxMUVEOTJCOEI3NjFDNEY5QUUwMi9sU2FtY2tlSy1uVkVYWTBIM01WOEJZbG03 LUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xTYW1ja2VLLW5WRVhZMEgzTVY4QllsbTctSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTFCRS80MTY4RkY3NjJEMzIxMUVEOTJCOEI3NjFDNEY5QUUwMi9sU2FtY2tlSy1u VkVYWTBIM01WOEJZbG03LUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaTl0CtzFpz2oSFoRN44d0jSbzZb1BfKri8gAzwTlT3e9mLM2KKBmI rnTGQKn9NeP6AUKAY9tWCcIvKJRJc848hH03vKnuaNgbF71kqYniXxqx8hvPv9WI o5ghrcO7K9dyGtlYhQ3y9Mn/7o2O4P5hOxuRxmrlhhrEwSCNx67zbwxTSPT0XAtE /ojEEM8+e8kYFsohJGTbDkK0YJQA4eYcCtYwoqcY3TVdk7UrLkPzOwtogVfedY0o bLAYtAXrm7PKvWd8QLLStGxeRmaE+C7xSqwD0vtAN4jq8hrnONsEbgUakwiio35O 3M1f0EhxgvdHk4ROaCRUi4yUd+EAPrp+ -----END CERTIFICATE-----Generated at Sat May 31 15:23:11 2025 by rpki-client